Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          SGPZiptIc2TxrNAW7//3N0Clz8kye2JSsrSSR1w6E6s=
Subject key identifier:   69:A0:35:5A:E3:47:86:A3:C5:C9:9A:DA:6D:91:B4:C6:2B:ED:53:91
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       019A4FD003343C8A8E521D4334221281B037
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 17:00:23 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:23 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:23 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: nEa3GypLrVkTKXzLR1+f0vv5acgPHj+p/r9F75M27dM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:03:34:3c:8a:8e:52:1d:43:34:22:12:81:b0:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Nov  4 17:00:23 2025 GMT
            Not After : Nov  5 17:00:23 2025 GMT
        Subject: CN=69a0355ae34786a3c5c99ada6d91b4c62bed5391
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:05:91:a3:ed:7c:79:13:75:05:8a:d8:c0:f9:
                    bb:e8:58:f5:a3:f8:b5:58:64:36:cf:d9:bb:84:a9:
                    df:a8:4a:45:bd:52:89:7d:0e:8c:55:69:aa:7e:8e:
                    b4:2c:02:49:70:6a:79:31:04:2f:74:69:eb:2d:e6:
                    2a:bb:d4:32:69:97:1e:f8:87:7f:3c:50:89:97:38:
                    8d:15:2b:10:aa:3d:44:bd:44:9e:8f:c8:02:89:52:
                    79:7e:ec:f7:0c:f6:3f:d0:ff:e9:ad:d3:40:a3:78:
                    0a:de:3f:ea:f3:88:c5:64:fc:de:ee:53:1b:43:68:
                    59:92:ff:0d:fa:f1:4d:fa:f7:53:25:17:8b:f0:26:
                    7b:92:c1:d1:a2:78:64:a2:d2:a4:ea:5a:1c:5e:9c:
                    8c:4c:7c:55:1f:6b:25:07:cc:9d:29:e0:80:4a:7e:
                    c2:90:cf:26:66:61:d3:68:48:5d:a7:3f:41:c9:36:
                    72:1b:d7:86:59:2b:59:87:82:ef:c7:d6:43:3f:15:
                    62:25:d2:77:4c:2f:51:90:62:00:2d:60:7e:70:12:
                    a9:93:0b:37:c5:0c:61:6f:c0:d8:4c:9d:70:79:6b:
                    f9:84:5d:09:1c:33:de:cf:7c:39:3f:10:e4:f2:dc:
                    50:12:0d:20:73:6e:ae:6d:c6:1e:6c:63:54:c1:9a:
                    06:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:A0:35:5A:E3:47:86:A3:C5:C9:9A:DA:6D:91:B4:C6:2B:ED:53:91
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:b8:99:42:e3:76:c3:28:80:28:c8:d8:ae:03:3a:78:8b:e2:
         49:23:8f:6a:47:ba:04:a4:63:5a:dd:fe:b0:f1:b4:0b:95:88:
         c3:d8:67:93:a4:9e:48:52:31:92:ba:61:91:33:65:78:50:81:
         f5:c6:e6:3c:60:ce:ac:7f:b6:09:73:ab:d1:37:49:ba:1b:b2:
         01:8b:c5:91:d3:e4:21:c6:60:9e:0e:09:78:56:ad:61:d2:63:
         e6:1b:8c:63:a4:7d:63:53:bc:91:a3:fa:ce:53:9f:48:80:ea:
         1d:02:b9:bd:64:eb:9f:05:f3:ae:9f:ea:22:77:e7:fc:c7:63:
         a5:81:df:c7:be:ee:fd:93:15:20:2d:19:5b:53:6a:70:df:63:
         eb:43:35:93:52:7d:3c:5d:0a:91:71:f9:c8:61:17:7d:2d:57:
         69:a2:02:a9:23:27:05:90:dc:cc:5e:2f:cb:04:57:9a:70:12:
         32:08:0c:ef:ae:12:ea:b0:c3:fb:af:0d:57:84:76:83:66:4a:
         ea:3c:61:ae:00:2e:b7:12:2f:ed:e3:ba:93:53:9d:6f:d8:f2:
         80:81:7c:c0:ac:39:ec:48:77:90:c9:ea:15:91:4f:28:a0:02:
         ff:79:19:15:eb:a3:69:d0:7a:f5:d3:89:1a:66:26:d2:31:18:
         52:81:8b:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0AM0PIqOUh1DNCISgbA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjUxMTA0MTcwMDIzWhcNMjUxMTA1MTcwMDIzWjAzMTEwLwYDVQQD
Eyg2OWEwMzU1YWUzNDc4NmEzYzVjOTlhZGE2ZDkxYjRjNjJiZWQ1MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQWRo+18eRN1BYrYwPm76Fj1o/i1
WGQ2z9m7hKnfqEpFvVKJfQ6MVWmqfo60LAJJcGp5MQQvdGnrLeYqu9QyaZce+Id/
PFCJlziNFSsQqj1EvUSej8gCiVJ5fuz3DPY/0P/prdNAo3gK3j/q84jFZPze7lMb
Q2hZkv8N+vFN+vdTJReL8CZ7ksHRonhkotKk6locXpyMTHxVH2slB8ydKeCASn7C
kM8mZmHTaEhdpz9ByTZyG9eGWStZh4Lvx9ZDPxViJdJ3TC9RkGIALWB+cBKpkws3
xQxhb8DYTJ1weWv5hF0JHDPez3w5PxDk8txQEg0gc26ubcYebGNUwZoGNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmgNVrjR4ajxcma2m2RtMYr7VORMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApriZQuN2
wyiAKMjYrgM6eIviSSOPake6BKRjWt3+sPG0C5WIw9hnk6SeSFIxkrphkTNleFCB
9cbmPGDOrH+2CXOr0TdJuhuyAYvFkdPkIcZgng4JeFatYdJj5huMY6R9Y1O8kaP6
zlOfSIDqHQK5vWTrnwXzrp/qInfn/MdjpYHfx77u/ZMVIC0ZW1NqcN9j60M1k1J9
PF0KkXH5yGEXfS1XaaICqSMnBZDczF4vywRXmnASMggM764S6rDD+68NV4R2g2ZK
6jxhrgAutxIv7eO6k1Odb9jygIF8wKw57Eh3kMnqFZFPKKAC/3kZFeujadB69dOJ
GmYm0jEYUoGL7Q==
-----END CERTIFICATE-----